You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm opening this issue because my security scanner (Wiz) flagged a potential vulnerability: GHSA-jfh8-c2jp-5v3q (Log4Shell) in a project that uses react-native-get-random-values.
This is breaking a number of our builds within the corporate finance sector. Is there any chance you can use a different library to accomplish this goal or remove this library?
Hey!
I'm opening this issue because my security scanner (Wiz) flagged a potential vulnerability: GHSA-jfh8-c2jp-5v3q (Log4Shell) in a project that uses react-native-get-random-values.
This is breaking a number of our builds within the corporate finance sector. Is there any chance you can use a different library to accomplish this goal or remove this library?
Here's the context:
Package: react-native-get-random-values
Link to your
package.json- https://github.com/coveo/coveo.analytics.js/blob/master/package.json#L28Dependency tree: indirectly used through
coveo.analyticsScanner: Wiz
CVE: CVE-2021-44228
Additionally, I have opened a PR in the offending app, but I am not sure it's actually maintained anymore
The text was updated successfully, but these errors were encountered: